TRAINING SERVICES
(NIST 800-37) Security Certification and Accreditation of Federal Information Systems
Course Content: This course is designed to help the Information System Owner, Information Owner, Information Systems Security Officer, Certification Agent, User Representative and other INFOSEC professionals fully understand the Federal Certification and Accreditation process as outlined in NIST SP 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, as well as how to integrate applicable requirements from the Federal Information Security Management Act (FISMA); OMB Circular A-130, Appendix III; and other applicable NIST and FIPS publications.
This instruction is designed to provide INFOSEC professionals with a comprehensive understanding and working knowledge of the Federal Information Systems Certification and Accreditation (C&A) Process. The course provides an overview of current policy, laws, and guidance; definitions and terms; and the evolution of information system security. It also provides detailed information on roles and responsibilities, the integration of security within the system development life cycle, how to determine threats and vulnerabilities, how to determine and implement appropriate security controls, and how risk management applies to availability, integrity, confidentiality, and accountability in the C&A process. Students receive detailed information on the four distinct C&A Phases and 10 required Tasks and on current guidance, with multiple examples, samples, and student exercises throughout the course to help ensure comprehension.
During this 4-day course, students will learn:
How to understand the history of AIS security and how it applies to Federal, State, and local information systems
How to recognize basic concepts of information security and applicable definitions as they apply to Federal, State, and local information systems
How to understand the relevant laws, policies, directives, and instructions that apply to Federal, State, and local information systems
How to understand the roles and responsibilities of the chief information officer, authorizing official (and authorizing official representative), senior agency information security officer, information system owner, information owner, information system security officer, certification agent, and user representative
How to understand and apply the Federal C&A methodology in initiating, planning, and implementing the Federal Information Systems Security C&A Phases and Tasks
How to identify and complete security accreditation packages, including the System Security Plan, Security Assessment Report, and the Plan of Actions and Milestones
How to identify, plan, and validate security controls
How to make a certification determination and accreditation decision
How to maintain the authorization to operate and conduct security self-assessments and security control reviews
How to identify and apply agency or service-unique requirements concerning C&A implementation
Prerequisites: There are no mandatory prerequisites for the courses described in this catalog; however, it is desirable that students have a basic understanding of PC operations.
Note: This course can also be taught at your location. If taught at your location, course costs will also include travel and per diem for one instructor in accordance with the Joint Federal Travel Regulation.
Pricing: Please call (210) 523-6000 for current course price.
| DATES OFFERED | LENGTH |
| --- | --- |
| 19 AUG - 22 AUG 2008 | 4 DAYS |
| 16 SEPT - 19 SEPT 2008 | 4 DAYS |
| 07 OCT - 10 OCT 2008 | 4 DAYS |
| 04 NOV - 07 NOV 2008 | 4 DAYS |
| 09 DEC - 12 DEC 2008 | 4 DAYS |

*ADDITIONAL CLASSES AVAILABLE. CONTACT STUDENT SERVICES FOR SCHEDULING INFO.
** Continuing Education Credits (CPEs/CEUs): This course has an approximate value of 27 CPEs. (Subject to audit)